Site Archives openssl

At the (heart) bleeding edge


The news about a possibly very nasty bug in the popular OpenSSL library got my attention almost weeks ago which hit out of the blue like a bombshell. Dubbed Heartbleed, this bug can potentially leak private keys installed at servers which make use of the affected libraries I learned, and shortly after that the first […]

Randomly Broken Randomness


No, it’s not a news item anymore. Nevertheless, after scores of revocation requests came in at the StartCom CA because of a vulnerability in the pseudo random number generator of Debian’s OpenSSL package and dozens of news site reported this stupidity, I can’t hold myself back anymore. The developers of Debian apparently decided to fix […]